I am sending an ajax request to a controller and it generates this error:
ERROR: The CSRF token is not valid. Please try submitting the form again.
Form

    {{ form_start(form, {'action': path_with_locale('general_alerts'), 'attr':{'id': 'form_alert1'} }) }}
    {% if app.user %}
        {{ form_widget(form.email, { 'attr': {'value': app.user.username, 'class': 'hide'} }) }}
    {% else %}
        <div class="form-group" style="text-align:left;">
            {{ form_errors(form.email, { 'alert_attr': {'class': 'alert alert-danger'} }) }}
            {{ form_label(form.email, 'Email :', { 'label_attr': {'class': 'control-label'} }) }}
            {{ form_widget(form.email, { 'attr': {'class': 'text-input', 'placeholder': "Email"} }) }}
        </div>
    {% endif %}
    {{ form_widget(form.url, { 'attr': {'value': ajaxUrl, 'class': 'hide'} }) }}
    <div style="text-align: right">
        <button type="submit" class="btn btn-success"> Crear alerta</button>
    </div>
    {{ form_rest(form) }}
    {{ form_end(form) }}
Ajax

    jQuery("#form_alert1").submit(function (e) {
        e.preventDefault();
        var $url = $(this).attr('action');
        var $data = $(this).serialize();
        $.ajax({
            type: "POST",
            url: $url,
            data: $data
        }).done(function (result) {
            if (result.success) {
                $('#result').html('<p>Tu alerta se ha guardado exitosamente. </p>');
            } else if (result.fail) {
                $('#result').html('<p>Ya tienes creada una alerta para esta búsqueda. </p>');
            }
        });
    });
Controller

    public function alertAction(Request $request) {
        $alert = new Alerts();
        $form = $this->createForm(new AlertsType(), $alert);
        if ($request->getMethod() == 'POST') {
            // Binds the submitted data; the CSRF token is checked during form validation
            $form->handleRequest($request);
            if ($form->isValid()) {
                $em = $this->getDoctrine()->getManager();
                if ($request->isXmlHttpRequest()) {
                    $alert->setEntrydate(new \DateTime());
                    $alert->setPrice("011000");
                    $alert->setState(1);
                    $em->persist($alert);
                    $em->flush();
                    // Reply to the AJAX caller with a JSON body
                    $response = new Response();
                    $output = array('success' => true);
                    $response->headers->set('Content-Type', 'application/json');
                    $response->setContent(json_encode($output));
                    return $response;
                }
            }
        }
    }
If you don't want to have CSRF token security enabled in your forms, you can disable it in your config.yml file:

    framework:
        csrf_protection:
            enabled: false

The error indicates that you are not sending the token that goes in a hidden input inside the form. You should try to move the button to the bottom of the form like this:
To fix this you should use this on the form in the twig part:
This way the error is no longer displayed and you have this security check, which is very important. I tried it on Symfony 4 and it works perfectly.
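
A check for the cause named in the answer above that attributes the error to the hidden token input not being sent, as an added example that is not part of the original thread: it inspects a form-encoded body, the kind jQuery's `.serialize()` produces, for the Symfony CSRF field before the request goes out. The form name `alerts` and the sample bodies are constructed assumptions; `_token` is Symfony's default CSRF field name.

```javascript
// Added example, not code from the thread.
// Assumption: the Symfony form is named "alerts" (hypothetical); Symfony nests
// fields under the form name, so the token is submitted as alerts[_token].
function checkCsrfPayload(serializedBody, formName, tokenField = "_token") {
  // An unnamed root form submits a bare "_token" field.
  const expected = formName ? `${formName}[${tokenField}]` : tokenField;
  const params = new URLSearchParams(serializedBody); // decodes %5B, %5D and "+"
  const values = params.getAll(expected);

  // Token-looking fields under a different name point to a form-name mismatch.
  const strays = [...params.keys()].filter(
    (k) => k !== expected && (k === tokenField || k.endsWith(`[${tokenField}]`))
  );

  if (values.length === 0) {
    const reason = strays.length ? "wrong-form-name" : "missing";
    return { ok: false, reason, field: expected, found: strays };
  }
  if (values.length > 1) {
    return { ok: false, reason: "duplicate", field: expected, found: [expected] };
  }
  if (values[0].trim() === "") {
    return { ok: false, reason: "empty", field: expected, found: [expected] };
  }
  return { ok: true, reason: "present", field: expected, found: [expected] };
}

// Constructed sample bodies (not captured traffic).
const SAMPLE_WITH_TOKEN =
  "alerts%5Bemail%5D=user%40example.com&alerts%5Burl%5D=%2Fsearch&alerts%5B_token%5D=abc123";
const SAMPLE_WITHOUT_TOKEN =
  "alerts%5Bemail%5D=user%40example.com&alerts%5Burl%5D=%2Fsearch";
const SAMPLE_EMPTY_TOKEN =
  "alerts%5Bemail%5D=user%40example.com&alerts%5B_token%5D=";
const SAMPLE_OTHER_FORM =
  "alert%5Bemail%5D=user%40example.com&alert%5B_token%5D=abc123";

for (const body of [SAMPLE_WITH_TOKEN, SAMPLE_WITHOUT_TOKEN,
                    SAMPLE_EMPTY_TOKEN, SAMPLE_OTHER_FORM]) {
  const r = checkCsrfPayload(body, "alerts");
  console.log(`${r.reason.padEnd(16)} expected field: ${r.field}`);
}
```

A token that is present can still be rejected if it does not match the one the server issued for the current session, so a `present` result narrows the problem to the server side rather than ruling it out.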